Sorry for my pool English. Wish U can undersand lol.
Asterisk tested version: 13.x cert, 13.x lts latest, 13.x in ubuntu default apt repo, 16.x cert, 16.x lts latest(pjsip2.9).
Server network : Public ipv4 address. TLS transport.
Client software: Tested on multiple client software phones. Bria, GSWave, MicroSIP, AndriodSip, SIP bundled in android dialer.
Client network: All behind ipv4 NAT, multiple network env, LTE, normal NAT, multiple router. Client with public ipv4 address do not have this issue. TLS transport.
Client behind with tls protocol (RTP/SRTP) cannot recieve server’s download RTP/SRTP stream. For debuging, I use a dialplan with answer and saydigits. Uploading works well (use recording for debug).
Under same pjsip configuration and change the transport from tls to udp, it works well.
After debugging, I found asterisk pjsip doesn’t handle RTP well with TLS transport.
All of my endpoints are set NAT-relate attributes (direct_media=no, force_rport=yes,rtp_symmetric=yes,media_use_received_transport=yes), they work well on udp transport. Debugging shows that the clients send RTP handshakes with 192.168.x.x private address with udp transport, and the server use rport. But when the clients use private address with tls transport, the server just ignore the NAT-relative attributes, send rtp packets to the private address, and client cannot recieve that. No download data.